<!DOCTYPE html>
<html lang="en-US">
<head>


<h1 id="Documentation">Documentation</h3>
	<div class="entry-content">
		<p>This documentation will grow organically and is a work in progress.</p>
<h3 id="configuration">Configuration</h3>
<p>At the moment, SPARTA can be configured by editing the <strong>sparta.conf</strong> file located in SPARTA&#8217;s root folder. At launch time, SPARTA checks if this file exists and if it does not, a new file is created with default values. In the future, there will be a settings menu which will remove the need to manually edit this file and will make changing the configuration easier and safer.</p>
<p><strong>WARNING: Apart from tools, do not remove any lines from sparta.conf as it could break functionality. Also, assume that setting values are case-sensitive.</strong></p>
<p>&nbsp;</p>
<h4 id="adding-actions">Adding new actions</h4>
<p>In SPARTA we separate actions in three classes:</p>
<ul>
<li><strong>Host Actions:</strong> are invoked by right-clicking on a <strong>host</strong> and their tool output will be stored and displayed in SPARTA</li>
<li><strong>Port Actions:</strong> are invoked by right-clicking on a <strong>port or service</strong> and their tool output will be stored and displayed in SPARTA (Eg: Nikto)</li>
<li><strong>Terminal Actions:</strong> are invoked by right-clicking on a <strong>port</strong> and will spawn an external terminal window (Eg: Connect with netcat)</li>
</ul>
<p>&nbsp;</p>
<p>To configure a new action the following format must be used:<br />
<center><strong><em>tool=label, command, services</em></strong></center></p>
<p><strong>tool</strong> is a unique identifier, typically the name of the tool.</p>
<p><strong>label</strong> is the text that will appear in the context menu.</p>
<p><strong>command</strong> is the command you would type in the terminal to run the tool. Note that it must be a non-interactive command. The placeholders [IP], [PORT] and [OUTPUT] when used will be replaced at run time by the right values.</p>
<p><strong>services</strong> is the list of nmap service names that the tool applies to. When you right-click on a port/service the tool will only appear in the context menu if the service was defined here. Note that this field is not used by the Host Actions for obvious reasons.</p>
<p>&nbsp;</p>
<p>Example:<br />
To configure the tool Nikto as a port action we would need to add the following line to the [PortActions] section in sparta.conf:</p>
<p><strong><em>nikto=Run nikto, nikto -o [OUTPUT].txt -p [PORT] -h [IP], &#8220;http,https&#8221;</em></strong></p>
<p>&nbsp;</p>
<p>After making changes to the configuration file, SPARTA must be restarted for changes to take effect. This won&#8217;t be the case when we implement the settings menu.</p>
<p>&nbsp;</p>
<h4 id="conf-auto-attacks">Configuring automated attacks</h4>
<p>You can set up SPARTA to automatically run any tool &#8211; that you have configured in the [PortActions] section of the configuration file &#8211; when a service is identified.</p>
<p>Automated attacks are enabled by default but can be disabled by editing the &#8220;enable-scheduler&#8221; option in the [GeneralSettings] section of the configuration file.</p>
<p>Automated attacks are configured in the [SchedulerSettings] section of the configuration file. The following format must be used:</p>
<p><center><strong><em>tool=services, protocol</em></strong></center></p>
<p><strong>tool</strong> is the unique identifier which was used to define the tool in the [PortActions] section.</p>
<p><strong>services</strong> is the list of services that when identified should trigger the tool to run automatically.</p>
<p><strong>protocol</strong> is the protocol of the service the tool should run on (tcp/udp).</p>
			</div><!-- .entry-content -->


<h3 id="Feedback">Feedback</h3>
<p>We value your feedback as it will help us turn SPARTA into an even more awesome tool!</p>
<p>Also, since we are penetration testers and not developers there&#8217;s a chance you will find a few bugs.</p>
<p>For bug reports, feature requests or any other feedback, please use our <a href="https://github.com/SECFORCE/sparta/issues" target="_blank">issue tracker</a>.</p>
<h3 id="License-Disclaimer">License / Disclaimer</h3>
<p>SPARTA comes without warranty and is meant to be used by penetration testers during network infrastructure security assessments.</p>
<p>Both its developers and SECFORCE decline all responsibility:<br />
&#8211; in case the tool is used for malicious purposes or in any illegal context;<br />
&#8211; in case the tool crashes your system or other systems.</p>
<h3 id="Authors">Authors</h3>
<p>SPARTA was created and developed by:</p>
<p>Antonio Quina (@st3r30byt3)<br />
Leonidas Stavliotis (@lstavliotis)</p>
			</div><!-- .entry-content -->
	</article><!-- #post-## -->
			
		</main><!-- #main -->
	</div><!-- #primary -->


</body>
</html>